sqlite: fix segfault SQLTagStore when db handle is garbage collected

Author: louwers

src/node_sqlite.cc

@@ -832,7 +832,7 @@ void DatabaseSync::CreateTagStore(const FunctionCallbackInfo<Value>& args) {
   }
 
   BaseObjectPtr<SQLTagStore> session =
-      SQLTagStore::Create(env, BaseObjectWeakPtr<DatabaseSync>(db), capacity);
+      SQLTagStore::Create(env, BaseObjectPtr<DatabaseSync>(db), capacity);
   if (!session) {
     // Handle error if creation failed
     THROW_ERR_SQLITE_ERROR(env->isolate(), "Failed to create SQLTagStore");
@@ -2660,7 +2660,7 @@ void IllegalConstructor(const FunctionCallbackInfo<Value>& args) {
 
 SQLTagStore::SQLTagStore(Environment* env,
                          Local<Object> object,
-                         BaseObjectWeakPtr<DatabaseSync> database,
+                         BaseObjectPtr<DatabaseSync> database,
                          int capacity)
     : BaseObject(env, object),
       database_(std::move(database)),
@@ -2709,7 +2709,7 @@ Local<FunctionTemplate> SQLTagStore::GetConstructorTemplate(Environment* env) {
 }
 
 BaseObjectPtr<SQLTagStore> SQLTagStore::Create(
-    Environment* env, BaseObjectWeakPtr<DatabaseSync> database, int capacity) {
+    Environment* env, BaseObjectPtr<DatabaseSync> database, int capacity) {
   Local<Object> obj;
   if (!GetConstructorTemplate(env)
            ->InstanceTemplate()

src/node_sqlite.h

@@ -306,11 +306,12 @@ class SQLTagStore : public BaseObject {
  public:
   SQLTagStore(Environment* env,
               v8::Local<v8::Object> object,
-              BaseObjectWeakPtr<DatabaseSync> database,
+              BaseObjectPtr<DatabaseSync> database,
               int capacity);
   ~SQLTagStore() override;
-  static BaseObjectPtr<SQLTagStore> Create(
-      Environment* env, BaseObjectWeakPtr<DatabaseSync> database, int capacity);
+  static BaseObjectPtr<SQLTagStore> Create(Environment* env,
+                                           BaseObjectPtr<DatabaseSync> database,
+                                           int capacity);
   static v8::Local<v8::FunctionTemplate> GetConstructorTemplate(
       Environment* env);
   static void All(const v8::FunctionCallbackInfo<v8::Value>& info);
@@ -329,7 +330,7 @@ class SQLTagStore : public BaseObject {
  private:
   static BaseObjectPtr<StatementSync> PrepareStatement(
       const v8::FunctionCallbackInfo<v8::Value>& args);
-  BaseObjectWeakPtr<DatabaseSync> database_;
+  BaseObjectPtr<DatabaseSync> database_;
   LRUCache<std::string, BaseObjectPtr<StatementSync>> sql_tags_;
   int capacity_;
   friend class StatementExecutionHelper;

test/parallel/test-sqlite-template-tag.js

@@ -100,3 +100,17 @@ test('TagStore capacity, size, and clear', () => {
 test('sql.db returns the associated DatabaseSync instance', () => {
   assert.strictEqual(sql.db, db);
 });
+
+test('regression test https://github.com/nodejs/node/issues/60448', () => {
+  const sql = new DatabaseSync(':memory:').createTagStore();
+
+  sql.db.exec('CREATE TABLE test (data NUMBER)');
+
+  // Simulating meaningful work/likely triggering garbage collection...
+  for (const x of new Array(100_000).fill(0)) {
+    // eslint-disable-next-line no-unused-expressions
+    x + x;
+  }
+  // eslint-disable-next-line no-unused-expressions
+  sql.run`INSERT INTO test (data) VALUES (1)`;
+});